WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting

WordPress Car Repair Services & Auto Mechanic before 4.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the serviceestimatekey parameter before outputting it back in the page. id: CVE-2021-24335 info: name: WordPress Car Repair Services & Auto Mechanic Them...

PrestaShop SmartBlog <4.0.6 - SQL Injection

PrestaShop SmartBlog by SmartDataSoft 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality. id: CVE-2021-37538 info: name: PrestaShop SmartBlog 4.0.6 - SQL Injection author: whoever severity: critical description: PrestaShop SmartBlog by SmartDataSoft 4.0.6 is...

CVE-2025-62741

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Pool Services pool-services allows Server Side Request Forgery.This issue affects Pool Services: from n/a through = 3.3...

CVE-2026-22358

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through = 5.6...

CVE-2025-62741

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Pool Services pool-services allows Server Side Request Forgery.This issue affects Pool Services: from n/a through = 3.3...

CVE-2026-22358

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through = 5.6...

PT-2026-4210

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through = 5.6...

PT-2026-3996

Name of the Vulnerable Software and Affected Versions SmartDataSoft Pool Services versions through 3.3 Description A Server-Side Request Forgery SSRF issue exists in SmartDataSoft Pool Services. This allows for Server Side Request Forgery. The issue is present in pool-services. Recommendations...

EUVD-2025-30603

Malicious code in bioql PyPI...

EUVD-2025-30624

Malicious code in bioql PyPI...

EUVD-2025-17237

Malicious code in bioql PyPI...

CVE-2025-58004

Missing Authorization vulnerability in SmartDataSoft DriCub dricub-driving-school allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DriCub: from n/a through = 2.9...

CVE-2025-58005

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft DriCub dricub-driving-school allows Server Side Request Forgery.This issue affects DriCub: from n/a through = 2.9...

CVE-2025-58004

Missing Authorization vulnerability in SmartDataSoft DriCub dricub-driving-school allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DriCub: from n/a through = 2.9...

PT-2025-38855

Name of the Vulnerable Software and Affected Versions SmartDataSoft DriCub versions through 2.9 Description A Server-Side Request Forgery SSRF issue exists in SmartDataSoft DriCub. This allows for Server Side Request Forgery. The vulnerability allows an attacker to make requests on behalf of the...

PT-2025-38854

Name of the Vulnerable Software and Affected Versions SmartDataSoft DriCub versions through 2.9 Description An authorization issue exists in SmartDataSoft DriCub due to incorrectly configured access control security levels. This allows for potential exploitation of the system. Recommendations At...

PT-2025-32096 · WordPress · Reveal Listing

Name of the Vulnerable Software and Affected Versions: Reveal Listing plugin for WordPress versions up to and including 3.3 Description: The Reveal Listing plugin for WordPress allows users registering new accounts to set their own role via the listing user role field. This enables unauthenticate...

CVE-2025-30997

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Car Repair Services car-repair-services allows Server Side Request Forgery.This issue affects Car Repair Services: from n/a through = 5.0...

CVE-2025-30997

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Car Repair Services car-repair-services allows Server Side Request Forgery.This issue affects Car Repair Services: from n/a through = 5.0...

CVE-2025-30997

CVE-2025-30997 describes a Server-Side Request Forgery (SSRF) in the WordPress theme “Car Repair Services” by SmartDataSoft. Public details in connected sources confirm affected software: Car Repair Services WordPress Theme (including versions up to 5.0; “n/a through 5.0” in initial record). The ...